Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-7745

DS6.5 - 7 Replication fails in Kubernetes

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Dev backlog
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 6.5.0, 6.5.1, 6.5.2, 6.5.3, 6.5.4, 7.0.0, 7.0.1
    • Fix Version/s: None
    • Component/s: replication, upgrade
    • Environment:
      Kubernetes
    • Support Ticket IDs:

      Description

      Observed behaviour

      Replicating DS 7.0 k8s instance with a DS 6.5 k8s using dsrepl add-local-server-to-pre-7-0-topology instance fails with SSL errors - on the DS6.5 instance

      PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 

      And on the DS7 instance

      The Replication Server should try to reconnect later. The problem was: SSLHandshakeException(Received fatal alert: certificate_unknown)

      This seems to be caused by the DS7 keys not being copied to the DS6.5 instance.  

      As mentioned in slack thread, this seems to be due to the fact that the runtime SSL keystore is mounted as a k8s secret, rather than in the docker image.

      Expected behaviour

      dsrepl command should be able to replicate with 6.5 k8s instance, or behaviour should be documented.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            andrew.burton Andrew Burton
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: